#!/bin/sh

#
# Test that installing a firmware that's missing a signature fails
#

. "$(cd "$(dirname "$0")" && pwd)/common.sh"

cat >$CONFIG <<EOF
file-resource TEST {
	host-path = "${TESTFILE_1K}"
}

task complete {
	on-resource TEST { raw_write(0) }
}
EOF

# Create new keys
cd $WORK
$FWUP_CREATE -g
cd -

# DON'T sign the firmware
$FWUP_CREATE -c -f $CONFIG -o $FWFILE

# Check that applying the firmware breaks
echo Expecting error from apply...
if $FWUP_APPLY -q -p $WORK/fwup-key.pub -a -d $IMGFILE -i $FWFILE -t complete; then
    echo "Expecting an unsigned firmware install to fail."
    exit 1
fi

echo Expecting error from verify...
if $FWUP_VERIFY -V -p $WORK/fwup-key.pub -i $FWFILE; then
    echo "Expecting an unsigned firmware to fail."
    exit 1
fi

echo Expecting error from list...
if $FWUP_APPLY -l -p $WORK/fwup-key.pub -i $FWFILE; then
    echo "Expecting an unsigned firmware to fail."
    exit 1
fi

echo Expecting error from metadata...
if $FWUP_APPLY -m -p $WORK/fwup-key.pub -i $FWFILE; then
    echo "Expecting an unsigned firmware to fail."
    exit 1
fi

